Katana VentraIP

Cloudflare

Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, and ICANN-accredited[3] domain registration services.[4][5][6] Cloudflare's headquarters are in San Francisco, California.[4] According to The Hill, Cloudflare is used by more than 20 percent of the Internet for its web security services, as of 2022.[7]

Company type

Public

Information and communications technology

July 2009 (2009-07)

Lee Holloway
Matthew Prince
Michelle Zatlyn Edit this on Wikidata

San Francisco, California, U.S.

reverse proxy, edge computing, streaming media, identity management, virtual private network

Increase US$1.297 billion (2023)

Negative increase US$−185 million (2023)

Negative increase US$−184 million (2023)

Increase US$2.759 billion (2023)

Increase US$763 million (2023)

3,682 (2023)

Area 1 Security

cloudflare.com

Free services[edit]

In 2014, Cloudflare began providing free DDoS mitigation for artists, activists, journalists, and human rights groups under the name "Project Galileo."[53] In 2017, they extended the service to electoral infrastructure and political campaigns under the name "Athenian Project."[54][55] By 2020, more than 1,000 users and organizations were participating in Project Galileo, including 31 states.[56][57]


Cloudflare released a beta Jamstack platform for front-end developers to deploy websites on Cloudflare's infrastructure in December 2020, under the name "Pages."[58] In January 2021, the company began providing its "Waiting Room" digital queue product for free for COVID-19 vaccination scheduling under the title "Project Fair Shot."[59] Project Fair Shot later won a Webby People's Choice Award in 2022 for Event Management under the Apps & Software category.[60]


In March 2023, Cloudflare announced post-quantum cryptography will be made freely and forever available to cloud services, applications and Internet connections.[61]

Security and privacy issues[edit]

Intrusions[edit]

On June 1, 2012, the hacker group UGNazi redirected visitors to the website 4chan to a Twitter account belonging to UGNazi. They allegedly used social engineering to trick AT&T support staff into giving them access to Cloudflare CEO Matthew Prince's voicemail, then exploited a vulnerability in Cloudflare's use of Google's two-factor authentication system. Once in control of Prince’s email account, UGNazi was able to redirect the 4chan domain through Cloudflare’s database.[62][63]

Data leaks[edit]

From September 2016 until February 2017, a major Cloudflare bug (nicknamed Cloudbleed) leaked sensitive data, including passwords and authentication tokens, from customer websites by sending extra data in response to web requests.[64] The leaks resulted from a buffer overflow which occurred, according to numbers provided by Cloudflare at the time, more than 18,000,000 times before the problem was corrected.[65][66]


In May 2017, ProPublica reported that Cloudflare routinely discloses the names and email addresses of persons complaining about hate sites to the operators of those sites, which has led to the complainants being harassed. In response, Cloudflare's CEO said the company would allow individuals in "certain instances to complain anonymously" and that Cloudflare "would be more selective in its decisions to share with its clients the personal information of people who reported objections."[67]

Service outages[edit]

In July 2019, there was a major outage lasting about 30 minutes that was attributed to bad software deployment.[68][69] In 2020, a misconfiguration of a router caused a data pileup and outage in major European cities.[70] Cloudflare experienced another outage in June 2022.[71]

Official website

Bloomberg